Harvey Phillips authored on 16 Jun 2020

Linux Kernel Hacking

3.1: Syscall Table Hijacking

Hijacking the Linux syscall table and hooking sys_mkdir.

To use:

  • Build with `make`
  • Load with `insmod rootkit.ko`
  • Create a directory with `mkdir a`
  • Check output in kernel buffer with `dmesg`
  • Unload with `rmmod rootkit`
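
On the detection side, loading an out-of-tree module such as `rootkit.ko` leaves traces in `/proc/modules` and in the kernel taint mask. The following is an added example, not part of this repository: it flags modules carrying the O/E/F taint letters and decodes `/proc/sys/kernel/tainted`. The sample `/proc/modules` lines and the taint value are constructed, and the function names are hypothetical.

```python
"""Flag out-of-tree or unsigned kernel modules and decode the taint mask."""

# Module-related kernel taint bits (see Documentation/admin-guide/tainted-kernel.rst).
TAINT_BITS = {
    0: "P: proprietary module loaded",
    1: "F: module force-loaded",
    12: "O: out-of-tree module loaded",
    13: "E: unsigned module loaded",
}

# Constructed sample of /proc/modules after `insmod rootkit.ko`;
# sizes and load addresses are invented for illustration.
SAMPLE_PROC_MODULES = """\
rootkit 16384 0 - Live 0xffffffffc0a3e000 (OE)
nf_tables 262144 0 - Live 0xffffffffc09f0000
e1000 155648 0 - Live 0xffffffffc0870000
"""
SAMPLE_TAINTED = "12288"  # constructed value: bits 12 (O) and 13 (E) set


def decode_taint(mask):
    """Return descriptions of the module-related taint bits set in mask."""
    return [desc for bit, desc in sorted(TAINT_BITS.items()) if (mask >> bit) & 1]


def suspicious_modules(proc_modules_text):
    """Return (name, flags) for modules whose taint column holds O, E or F."""
    hits = []
    for line in proc_modules_text.splitlines():
        fields = line.split()
        if len(fields) < 6:
            continue  # not a well-formed /proc/modules line
        # The optional 7th field is the per-module taint column, e.g. "(OE)".
        flags = fields[6].strip("()") if len(fields) > 6 else ""
        if set(flags) & {"O", "E", "F"}:
            hits.append((fields[0], flags))
    return hits


if __name__ == "__main__":
    # On a live system, read /proc/modules and /proc/sys/kernel/tainted instead.
    for name, flags in suspicious_modules(SAMPLE_PROC_MODULES):
        print(f"module {name!r} carries taint flags {flags}")
    for desc in decode_taint(int(SAMPLE_TAINTED)):
        print("kernel taint:", desc)
```

The `/proc/modules` entry disappears once the module is unloaded, but the taint mask stays set until the next reboot, so it remains a useful check after `rmmod`.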